Skip to content

Commit 44e0168

Browse files
six5532onesix5532one
committed
Fix starlette vulnerability
1 parent 4291fe6 commit 44e0168

File tree

3 files changed

+145
-182
lines changed

3 files changed

+145
-182
lines changed

requirements/base.txt

Lines changed: 64 additions & 78 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,16 @@
11
#
2-
# This file is autogenerated by pip-compile with Python 3.11
2+
# This file is autogenerated by pip-compile with Python 3.12
33
# by the following command:
44
#
5-
# pip-compile --config=pyproject.toml requirements/base.in
5+
# pip-compile requirements/base.in
66
#
77
aiofiles==24.1.0
88
# via unstructured-client
99
annotated-types==0.7.0
1010
# via pydantic
1111
antlr4-python3-runtime==4.9.3
1212
# via omegaconf
13-
anyio==4.7.0
13+
anyio==4.8.0
1414
# via
1515
# httpx
1616
# starlette
@@ -20,9 +20,9 @@ backoff==2.2.1
2020
# unstructured
2121
beautifulsoup4==4.12.3
2222
# via unstructured
23-
cachetools==5.5.0
23+
cachetools==5.5.1
2424
# via google-auth
25-
certifi==2024.8.30
25+
certifi==2024.12.14
2626
# via
2727
# httpcore
2828
# httpx
@@ -31,7 +31,7 @@ cffi==1.17.1
3131
# via cryptography
3232
chardet==5.2.0
3333
# via unstructured
34-
charset-normalizer==3.4.0
34+
charset-normalizer==3.4.1
3535
# via
3636
# pdfminer-six
3737
# requests
@@ -53,36 +53,36 @@ cycler==0.12.1
5353
# via matplotlib
5454
dataclasses-json==0.6.7
5555
# via unstructured
56-
deprecated==1.2.15
56+
deprecated==1.2.18
5757
# via pikepdf
5858
effdet==0.4.1
5959
# via unstructured
60-
emoji==2.14.0
60+
emoji==2.14.1
6161
# via unstructured
6262
et-xmlfile==2.0.0
6363
# via openpyxl
64-
eval-type-backport==0.2.0
64+
eval-type-backport==0.2.2
6565
# via unstructured-client
66-
fastapi==0.113.0
66+
fastapi==0.1.17
6767
# via -r requirements/base.in
68-
filelock==3.16.1
68+
filelock==3.17.0
6969
# via
7070
# huggingface-hub
7171
# torch
7272
# transformers
7373
filetype==1.2.0
7474
# via unstructured
75-
flatbuffers==24.3.25
75+
flatbuffers==25.1.24
7676
# via onnxruntime
77-
fonttools==4.55.3
77+
fonttools==4.55.7
7878
# via matplotlib
79-
fsspec==2024.10.0
79+
fsspec==2024.12.0
8080
# via
8181
# huggingface-hub
8282
# torch
83-
google-api-core[grpc]==2.24.0
83+
google-api-core[grpc]==2.24.1
8484
# via google-cloud-vision
85-
google-auth==2.37.0
85+
google-auth==2.38.0
8686
# via
8787
# google-api-core
8888
# google-cloud-vision
@@ -92,11 +92,11 @@ googleapis-common-protos==1.66.0
9292
# via
9393
# google-api-core
9494
# grpcio-status
95-
grpcio==1.68.1
95+
grpcio==1.70.0
9696
# via
9797
# google-api-core
9898
# grpcio-status
99-
grpcio-status==1.68.1
99+
grpcio-status==1.70.0
100100
# via google-api-core
101101
h11==0.14.0
102102
# via
@@ -108,7 +108,7 @@ httpcore==1.0.7
108108
# via httpx
109109
httpx==0.28.1
110110
# via unstructured-client
111-
huggingface-hub==0.26.5
111+
huggingface-hub==0.28.0
112112
# via
113113
# timm
114114
# tokenizers
@@ -121,20 +121,16 @@ idna==3.10
121121
# anyio
122122
# httpx
123123
# requests
124-
iopath==0.1.10
125-
# via layoutparser
126-
jinja2==3.1.4
124+
jinja2==3.1.5
127125
# via torch
128126
joblib==1.4.2
129127
# via nltk
130128
jsonpath-python==1.0.6
131129
# via unstructured-client
132-
kiwisolver==1.4.7
130+
kiwisolver==1.4.8
133131
# via matplotlib
134132
langdetect==1.0.9
135133
# via unstructured
136-
layoutparser==0.3.4
137-
# via unstructured-inference
138134
lxml==5.3.0
139135
# via
140136
# pikepdf
@@ -145,9 +141,9 @@ markdown==3.7
145141
# via unstructured
146142
markupsafe==3.0.2
147143
# via jinja2
148-
marshmallow==3.23.1
144+
marshmallow==3.26.0
149145
# via dataclasses-json
150-
matplotlib==3.9.4
146+
matplotlib==3.10.0
151147
# via
152148
# pycocotools
153149
# unstructured-inference
@@ -167,7 +163,6 @@ numpy==1.26.4
167163
# via
168164
# -c requirements/constraints.in
169165
# contourpy
170-
# layoutparser
171166
# matplotlib
172167
# onnx
173168
# onnxruntime
@@ -189,10 +184,8 @@ onnx==1.17.0
189184
# unstructured-inference
190185
onnxruntime==1.20.1
191186
# via unstructured-inference
192-
opencv-python==4.10.0.84
193-
# via
194-
# layoutparser
195-
# unstructured-inference
187+
opencv-python==4.11.0.86
188+
# via unstructured-inference
196189
openpyxl==3.1.5
197190
# via unstructured
198191
packaging==24.2
@@ -206,40 +199,32 @@ packaging==24.2
206199
# unstructured-pytesseract
207200
pandas==2.2.3
208201
# via
209-
# layoutparser
210202
# unstructured
203+
# unstructured-inference
211204
pdf2image==1.17.0
205+
# via unstructured
206+
pdfminer-six==20240706
212207
# via
213-
# layoutparser
214-
# unstructured
215-
pdfminer-six==20231228
216-
# via
217-
# pdfplumber
218208
# unstructured
219-
pdfplumber==0.11.4
220-
# via layoutparser
209+
# unstructured-inference
221210
pi-heif==0.21.0
222211
# via unstructured
223-
pikepdf==9.4.2
212+
pikepdf==9.5.1
224213
# via unstructured
225-
pillow==11.0.0
214+
pillow==11.1.0
226215
# via
227-
# layoutparser
228216
# matplotlib
229217
# pdf2image
230-
# pdfplumber
231218
# pi-heif
232219
# pikepdf
233220
# python-pptx
234221
# torchvision
235222
# unstructured-pytesseract
236-
portalocker==3.0.0
237-
# via iopath
238-
proto-plus==1.25.0
223+
proto-plus==1.26.0
239224
# via
240225
# google-api-core
241226
# google-cloud-vision
242-
protobuf==5.29.1
227+
protobuf==5.29.3
243228
# via
244229
# google-api-core
245230
# google-cloud-vision
@@ -248,7 +233,7 @@ protobuf==5.29.1
248233
# onnx
249234
# onnxruntime
250235
# proto-plus
251-
psutil==6.1.0
236+
psutil==6.1.1
252237
# via
253238
# -r requirements/base.in
254239
# unstructured
@@ -264,35 +249,35 @@ pycparser==2.22
264249
# via cffi
265250
pycryptodome==3.21.0
266251
# via -r requirements/base.in
267-
pydantic==2.9.2
252+
pydantic==2.10.6
268253
# via
269254
# fastapi
270255
# unstructured-client
271-
pydantic-core==2.23.4
256+
pydantic-core==2.27.2
272257
# via pydantic
273-
pypandoc==1.14
258+
pypandoc==1.15
274259
# via unstructured
275-
pyparsing==3.2.0
260+
pyparsing==3.2.1
276261
# via matplotlib
277-
pypdf==5.1.0
262+
pypdf==5.2.0
278263
# via
279264
# -r requirements/base.in
280265
# unstructured
281266
# unstructured-client
282-
pypdfium2==4.30.0
283-
# via pdfplumber
267+
pypdfium2==4.30.1
268+
# via unstructured-inference
284269
python-dateutil==2.9.0.post0
285270
# via
286271
# matplotlib
287272
# pandas
288273
# unstructured-client
289274
python-docx==1.1.2
290275
# via unstructured
291-
python-iso639==2024.10.22
276+
python-iso639==2025.1.28
292277
# via unstructured
293278
python-magic==0.4.27
294279
# via unstructured
295-
python-multipart==0.0.19
280+
python-multipart==0.0.20
296281
# via unstructured-inference
297282
python-oxmsg==0.0.1
298283
# via unstructured
@@ -303,11 +288,10 @@ pytz==2024.2
303288
pyyaml==6.0.2
304289
# via
305290
# huggingface-hub
306-
# layoutparser
307291
# omegaconf
308292
# timm
309293
# transformers
310-
rapidfuzz==3.10.1
294+
rapidfuzz==3.11.0
311295
# via
312296
# unstructured
313297
# unstructured-inference
@@ -329,12 +313,12 @@ requests-toolbelt==1.0.0
329313
# via unstructured-client
330314
rsa==4.9
331315
# via google-auth
332-
safetensors==0.4.5
316+
safetensors==0.5.2
333317
# via
334318
# timm
335319
# transformers
336-
scipy==1.14.1
337-
# via layoutparser
320+
scipy==1.15.1
321+
# via unstructured-inference
338322
six==1.17.0
339323
# via
340324
# html5lib
@@ -344,13 +328,15 @@ sniffio==1.3.1
344328
# via anyio
345329
soupsieve==2.6
346330
# via beautifulsoup4
347-
starlette==0.38.6
348-
# via fastapi
331+
starlette==0.45.3
332+
# via
333+
# -c requirements/constraints.in
334+
# fastapi
349335
sympy==1.13.1
350336
# via
351337
# onnxruntime
352338
# torch
353-
timm==1.0.12
339+
timm==1.0.14
354340
# via
355341
# effdet
356342
# unstructured-inference
@@ -369,18 +355,15 @@ torchvision==0.20.1
369355
tqdm==4.67.1
370356
# via
371357
# huggingface-hub
372-
# iopath
373358
# nltk
374359
# transformers
375360
# unstructured
376-
transformers==4.47.0
361+
transformers==4.48.1
377362
# via unstructured-inference
378363
typing-extensions==4.12.2
379364
# via
380365
# anyio
381-
# fastapi
382366
# huggingface-hub
383-
# iopath
384367
# pydantic
385368
# pydantic-core
386369
# python-docx
@@ -393,27 +376,30 @@ typing-inspect==0.9.0
393376
# via
394377
# dataclasses-json
395378
# unstructured-client
396-
tzdata==2024.2
379+
tzdata==2025.1
397380
# via pandas
398-
unstructured[all-docs]==0.16.11
381+
unstructured[all-docs]==0.16.16
399382
# via -r requirements/base.in
400-
unstructured-client==0.28.1
383+
unstructured-client==0.29.0
401384
# via unstructured
402-
unstructured-inference==0.8.1
385+
unstructured-inference==0.8.6
403386
# via unstructured
404387
unstructured-pytesseract==0.3.13
405388
# via unstructured
406-
urllib3==2.2.3
389+
urllib3==2.3.0
407390
# via requests
408-
uvicorn==0.32.1
391+
uvicorn==0.34.0
409392
# via -r requirements/base.in
410393
webencodings==0.5.1
411394
# via html5lib
412-
wrapt==1.17.0
395+
wrapt==1.17.2
413396
# via
414397
# deprecated
415398
# unstructured
416399
xlrd==2.0.1
417400
# via unstructured
418-
xlsxwriter==3.2.0
401+
xlsxwriter==3.2.2
419402
# via python-pptx
403+
404+
# The following packages are considered to be unsafe in a requirements file:
405+
# setuptools

requirements/constraints.in

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,4 @@
44
# words, if something does not require a constraint, it will not be installed.
55
####################################################################################################
66
numpy<2.0.0
7+
starlette>=0.40.0

0 commit comments

Comments
 (0)